Iran Nuclear Facility Explosion: Accident, Sabotage, Or Cyber-Attack? | #cybersecurity | #cyberattack

A huge explosion has taken place at an Iranian nuclear enrichment facility, possibly damaging some of the country’s most advanced centrifuges.

The resulting fire that ripped through the building at Iran’s main nuclear fuel production site on July 2 caused “extensive damage” to what appears to be a factory producing next generation centrifuges, the New York Times reports. 

MORE FROM FORBESU.S. Warns Chinese Hacking Poses ‘Significant Threat’ To COVID-19 Response

The incident comes after several fires at other facilities linked to Iran’s nuclear program, raising suspicions that it may have been the result of sabotage. 

The incident was confirmed by Behrouz Kamalvandi, a spokesman from the Atomic Energy Organization of Iran, with the agency sharing a photo of the burnt-out building. The agency did not say how the incident happened or reveal how much damage was done underground where most assembly work on the nuclear centrifuges takes place. 

An intelligence official told the New York Times that the explosion was caused by a device planted inside the building which destroyed much of the overground part of the facility—which is where new centrifuges are balanced before being put into operation. 

Stuxnet—a highly sophisticated nation state cyber-attack

The damaged building inside the nuclear complex at Natanz is right next to the underground production facilities where in 2010, a highly-sophisticated nation state cyber-attack was orchestrated by the U.S. and Israel, called Stuxnet. Stuxnet destroyed a thousand centrifuges and set back Iran’s nuclear program for years.

However, the new incident appears to be fairly rudimentary—it lacks the sophistication of the cyber-attacks orchestrated by Israel and the U.S. 10 years ago. 

According to the BBC’s Persian language service, a group called Homeland Cheetahs claimed responsibility for the explosion at the Iranian nuclear facility in an email, hours before news of the incident had hit.

What caused the incident at the Iranian nuclear facility? 

The incident could have been the result of sabotage or—although very unlikely—a cyber-attack. But Ian Thornton-Trump, CISO at Cyjax thinks the most likely scenario is a common accident.

“Could cyber do this? Qualified maybe. Could some accident or employee safety issue be responsible? Far more likely.”

It’s of course impossible to know for sure, and difficult to prove attribution. As Thornton-Trump points out: “There is a whole lot of evidence and detailed analysis required before we can make a call on this.”

Philip Ingram, MBE, a former colonel in British military intelligence agrees it is “highly likely that this was a physical attack of some sort,” but says the “outside possibility of it being another cyber initiated incident cannot be fully ruled out.”

Ingram explains: “Western cyber agencies have been on a much more aggressive offensive footing recently with the U.S. targeting Iranian air defence systems after one of its spy drones was shot down by Iran over the Gulf last year.”

“It is too early to tell the cause of this incident with any certainty, but Iran will certainly be looking into the security around one of its most sensitive nuclear sites once again,” he adds.

While the target does fit the right profile for a cyber-attack, Thornton-Trump says the incident doesn’t make sense in that context. “I would need to see a process map and a network diagram and figure out if it was even possible. And it assumes Iran has not learned anything in terms of cyber defense since Stuxnet. You’d think they would segment, isolate and keep anything related to sensitive defense related projects off the internet.”

It was always likely attention would turn to Stuxnet, but the event has the hallmarks of locally organised sabotage or an accident, not a nation state cyber-attack. 

MORE FROM FORBESPowerful iPhone Shortcut Can Record If You Are Stopped By The Cops-Here’s How

Update July 4 at 4:00am PT

Iran is claiming the fire and possible explosion at its Natanz nuclear plant on July 2 could have been caused by a cyberattack, and is threatening retaliation in response. However, it has not offered any evidence at the time of writing. 

Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

forty six − = 42